System and method for virtual region based access control operations using BIM

ABSTRACT

A system operates using the steps of a building information model (BIM) of a security system defining a three-dimensional floor plan of a secured area, the BIM receiving a graphical input from a user defining at least one subarea of the secured area, a user input of the security system receiving a selection of the at least one subarea of the secured area, the user input of the security system receiving a change in a parameter from the user of the security system, the parameter is used by a plurality of security devices within the at least one subarea and changing a corresponding parameter within each of the plurality of security devices to match the changed parameter.

FIELD

The field of the invention relates to security systems and more particularly to methods of administering to the operations of such systems.

BACKGROUND

Security systems are generally known. Such systems are typically used for the protection of people and assets within a secured area.

In many cases, the secured area is surrounded by some sort of physical barrier (e.g., a fence, wall, etc.) with one or more access doors for entry and egress of authorized users. A sensor may be provided on each door and window in order to detect intruders.

The sensors may be monitored by a security controller. Upon activation of one of the sensors, the controller may transmit an alarm message to a central monitoring station. The central monitoring station may respond by summoning the police.

At least some of the doors may be provided with an input device that may be used by authorized users of the secured area to provide inputs to the security controller. Inputs may include commands to arm or disarm the security system, to arm or disarm certain doors or simply to allow the user to pass through an associated door without triggering an alarm.

While existing security systems work well, they are difficult to administer where the number of entry points, sensors and types of sensors number in the hundreds and especially where they are used across multiple time zones. Accordingly, a need exists for better methods of administering large security systems.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a simplified block diagram of a security system shown generally in accordance with an illustrated embodiment;

FIG. 2A is a block diagram of a prior art system;

FIG. 2B is a block diagram of a system as in claim 1;

FIG. 3 is a display provided by the system of FIG. 1;

FIG. 4 is a set of steps that may be used by the system of FIG. 1; and

FIG. 5 is an alternate set of steps that may be used by the system of FIG. 1.

DETAILED DESCRIPTION OF AN ILLUSTRATED EMBODIMENT

While embodiments can take many different forms, specific embodiments thereof are shown in the drawings and will be described herein in detail with the understanding that the present disclosure is to be considered as an exemplification of the principles hereof, as well as the best mode of practicing same. No limitation to the specific embodiment illustrated is intended.

FIG. 1 is a simplified block diagram of a security system 10 shown generally in accordance with an illustrated embodiment. Included within the security system is a number of sensors 14, 16 or a number of sensors 14, 16 and cameras 18, 20 used to detect security threats within a secured area 12. The secured area may be located at a single geographic location as shown in FIG. 1 or may be a number of geographically separate areas connected by a communication connection.

The sensors may include one or more switches coupled to the doors and windows around a periphery of the secured area. The sensors may also include one or more passive infrared (PIR) detectors that are able to detect the movement of intruders within an interior of the protected space. Alternatively, the sensors may also include one or more environmental sensors (e.g., smoke detectors, carbon monoxide detectors, natural gas detectors, etc.).

The system may also capture images for security purposes from one or more cameras 18, 20. The cameras may be used to record events from within the secured area or (with the appropriate processing capability) may also be used to detect threats such as posed by intruders within the protected space.

The secured area may also include one or more actuator devices (actuators) 22, 24. The actuators may be selected from any of a number of different types of devices. For example, at least some of the actuators may be audio and/or visual devices (e.g., a siren or siren and flashing light) that announce the detection of a threat within one or more of the secured areas or subareas. Alternatively, the actuators may include one or more linear actuators that open/close doors. At least some of the actuators may also be provided that activate sprinklers that quench fires or that activate or deactivate fans that clear smoke from an area or subarea.

The secured area may also include combinations of sensors and actuators that operate cooperatively to achieve a security objective. For example, at least some of the sensor and actuator combinations may include a card reader used in conjunction with a door lock. In this case, the card reader reads an identification card of a person authorized to use some part of the secured area and activates the lock to allow entry by that person into and out of that part of the secured area.

Included within the secured area or within a central monitoring station 28 may be a control panel 26. The control panel operates to monitor the sensors and cameras and to control the actuators in accordance with a predetermined security plan.

Associated with the control panel is a user interface (UI) 40. The user interface may include an interactive display 42 using a touch-sensitive screen or may be embodied as a conventional display 42 with a separate keyboard 44.

Included within the control panel may be one or more processor apparatus (processors) 30, 32, where each operates under control of one or more computer programs 34, 36 loaded from a non-transitory computer readable medium (memory) 38. As used herein, reference to a step of a computer program is also reference to the processor that executed that step.

In general, the secured area operates under control of a three-dimensional (3D) building information model (BIM) embodied at least as data and data structures within memory. In this context, each sensor, camera and actuator is associated with a respective geographic location within the BIM. More specifically, each sensor, camera and actuator has a set of coordinates associated with the device that defines where the device is located within the BIM model.

The use of the BIM offers a number of advantages in the execution of the security plan. For example, a BIM processor may be used to display three dimensional models of the secured area on the user interface. Since the BIM also includes a respective coordinate of each sensor, camera and actuator, the BIM processor is able to superimpose the location of each of each sensor, camera and actuator on 3D images.

The secured area may be divided into a number of subareas, each with a separate security control subsystem. For example, upon activation of the control panel, one or more of the processors within the control panel would operate to discover each sensor, camera and actuator within the secured area based upon a class of the device. For example, intrusion sensors may constitute or otherwise define a first class of device that would be discovered by an intrusion processor. Similarly, cameras would define a second class of device that would be discovered by a processor that processes information from the camera and that would also operate to control certain aspects (e.g., pan-tilt-zoom (PTZ)) of the camera. The processor that discovers cameras may be referred to as a camera processor/controller or simply as a camera controller. Similarly, card readers and associated lock actuators would define a third class of device discovered by a reader controller. Actuators would define a fourth class of device discovered by an actuator controller.

Each class of device operates under a respective set of parameters. Each of the set of parameters represents an input to that particular class of device that controls the output of the device or the way the output is provided.

In general, each class of device has a first set of parameters that are unique to that device and a second set of parameters that are common with other classes of devices. An example of the second set of parameters includes a value of time (e.g., Greenwich mean time). An example of the first set of parameters that are not common with other classes of devices may include the frames per second set by the camera controller in receiving images from the camera, the PIN numbers of authorized users used by the card reader controller, etc. Because of the differences in operating parameters, each class of device may be considered as functioning under its own localized control system or control panel.

Once activated, the user could define a set of operating parameters for each class of device on an individual basis and globally. For example, the user could define a global clock that would be maintained and used by each control system. The user may also define a set of time related thresholds for at least some classes of device. For example, the user may define a time in the evening when images from the camera would be saved into an archive for later use if a crime were subsequently detected and where the security system sensors did not detect the crime.

Similarly, the user could also define a set of rules for each class of device. Rules in this case represent a broader category of parameters. For example, a rule may define a combination of parameters used by a processor class of device to produce a particular output. For example, a rule may specify that during a first time period, a camera may simply record video and during a second time period, a camera may perform motion detection. In this case, the first set of parameters includes a definition of the first time period (start and stop times) and a triggering parameter that causes the recording of video during the first time period. The second set of parameters includes the definition of the second time period (start and stop time) and a triggering parameter that activates a corresponding program to cause motion detection and reporting of motion as an alarm state.

Each class of device has a set of parameters that defines that a class of device. For example, a camera may have a first parameter that defines whether the camera records video frames to memory and a second parameter that defines whether the camera performs motion detection. The camera may also have another parameter that defines when the camera performs each function.

Similarly, a card reader/door lock combination may have a set of parameters that activates and deactivates a corresponding set of rules for that device. In general, an identifier of each class of devices defines how that device operates and the parameters that activate and deactivate the functions of that device. Since the devices in each class have substantially identical functions in terms of the behaviors that may be exhibited by the device, the rules followed and the thresholds for those behaviors and rules, the functions of each device may be defined by a parameter file 50, 52 for that device. It should be noted in this regard that since the devices in any one class have substantially identical functions, the format of the parameter file of each device within a class is also identical. The common format of parameter files among devices of the same class allows the use of a copy paste function that allows the behavior, rules and thresholds of one device in a class to be copied into another device within the same class.

Under the BIM, a user may use the BIM processor to divide the secured area 100 into two or more subareas 102, 104, 106 (see for example, FIG. 2B). Dividing the secured area into subareas also causes the control panel to divide the control systems of the secured area into a respective set of control systems for the subareas.

In order to divide the secured area, the authorized user may activate a BIM icon on the display 42 of the user interface. The user may then identify one or more subareas, regions or security zones within the secured area by tracing the outline of each subarea using the cursor 45. The user may complete the process by activating an ENTER button on the keyboard 42 or activating a COMPLETE softkey on the display to create the virtual regions.

In general, this process is used to define a number of virtual regions under a coordinate system defined by the BIM. This process may be repeated any of a number of times as the user creates the virtual regions using the process of FIG. 2. As each zone is created, it is stored into a respective zone file 46, 48.

The creation of a number of subareas may be used as a method of creating a hierarchy of control systems and operating parameters. The hierarchy allows the system to internally group the devices in each virtual area based upon the class of the device. For example, the highest level (i.e., associated with the entire secured 12) represents a set of global operating parameters. Those subareas that have been divided out can be independently changed by the user. This is important because the highest level can be used to define a global time while the subareas can have a time value that is offset based upon the time zone in which the subarea is located. In this regard, the end user can directly click on a virtual region and can change the time zone. In response, the system will internally apply the modified time zone to all readers and panels in that virtual region. Similarly, security settings and rules can be defined on a global scale and on a local scale.

In one embodiment, the security settings (and parameters) of a parent area may be copied into a created virtual subarea. Once created, the user can select the subarea (via the cursor) and adjust parameters of the created virtual subarea at will.

For example, each virtual subarea may have a user input including a set of function buttons 300. One function button (e.g., 302) may be provided to adjust global parameters (e.g., time) for that region. Other function buttons (e.g., 304) may be used to select a particular class of device for that region. Other function buttons may be used to select parameters and to change the respective parameters.

For example, the end user may use a first portion of a user input to click on virtual region 1 and a second portion of the user input to choose the “copy region settings” option (FIG. 5). In this regard, a BIM processor may display virtual region 1 along with a set of options related to region 1. One of the options may be the “copy region settings” option. Following this step, the end user may right click on region 2 and choose the “paste” option. In response, a parameter processor of the system copies the regional settings of region 1 into region 2. Now all of the settings that have been previously applied to virtual region 1 will be replicated into region 2.

FIG. 2 compares the system described herein with prior systems. For example, prior systems (FIG. 2A) only allowed a user to access the system on a global level (level 1). If a user should wish to change a parameter, the user would need to access a particular control system associated with a particular class of device (level 2). However, this particular control system included all of the devices of that class throughout the system. Once the user has selected a particular control system (i.e., class of device), the user would be given access to the devices on level 3.

In contrast, FIG. 2B shows that once a user selects a particular subarea, the user only has access to the devices) within that subarea. In this regard, once a user clicks on a particular region or zone, the system may present a number of classes of devices as shown on level 2 and FIG. 3. One class may be a time keeper class of device. Other classes may include sensors, cameras or card readers. In addition (and as shown in FIG. 3), the selection of a region shows the 3D image of the device under the BIM along with the status of each device within that region. This allows for much simpler administration of the security system.

The prior system of FIG. 2A requires the end user to have complete knowledge of the devices in order to perform any action on the system. This increases the cost of the system by requiring that any user have complete training regarding the system and increases the possibility of mistake.

For example, consider the instance in which an end user wants to change the time zone for a particular area in the secured area. Since the secured area is embodied as a single logical entity, the user would have to change the time zone for each device (e.g., each card reader) within the particular area. This is a repetitive operation that would need to be done on all readers within the particular area.

Similarly, consider the instance in which a door forced open alarm occurred near a building monitoring station (BMS) room and the end user is interested in viewing the recorded video of any camera mounted near the BMS room. In this case, the end user has to know the geo location of each camera within a list of cameras in order to quickly identify the proper camera.

The system of FIGS. 1 and 2B enables the user to make global changes (i.e., to the extent of the devices located within that subarea) by allowing them to virtually mark any area in the BIM 3D floor plan. This allows the user to directly perform all operations (e.g., rules and policy setting, grant/deny access, changing time zone, etc.) only on that subarea. The devices falling within that virtual area will be grouped for that region and all the subsequent parameter change operations on that region will reflect back on all the contained devices to the extent they are a global change for that subarea or in the class of device selected for the change.

In this way, the end user can define the different behaviors, rules, settings, etc. for every virtual region in accordance with the need. This has the effect of completely abstracting the lower level devices and other non-operator centered details in the system and makes inputs to the system more meaningful. The system completely eliminates the need for the operators to know device details of the readers, panels and all other low level device details. This helps the end users to more easily and effectively make changes in the operation of the system.

Whenever changes are made on the virtual regions, like changing a time zone, the system will internally apply all of those changes to the panels/readers in that region. This imparts a logical and physical mapping to the virtual areas that allows a user to visually operate on those regions.

In a particular example, consider a secured area having a number of security areas, each with a different need for security. With the proposed solution, the operator can draw virtual regions containing different regions (e.g., a datacenter and BMS in one region and another region containing a library and pantry). Now the operator can directly set rules and perform other access control operations directly on the different virtual region as separate operations. This method provides complete flexibility over the access control system and allows the end users to easily configure and segregate the different areas in one region.

Consider the example where a fire emergency occurs in a particular area of a premises and where, for precautionary reasons, the operator should take countermeasures. With the display of a conventional security panel there is no apparent way for the operator to visually look at the display and inherently know the identifiers of nearby regions so that he/she can activate the sprinklers in those nearby regions or take some other precautionary measure. Unless the operator has complete knowledge of the floors/premises/building structure he/she cannot act immediately in response to emergency situations.

Consider the example where a secured area has a number of zones with similar security requirements, where different rules and behaviors have been applied among the zones and where at least one of the zones has a rule set that works particularly well. If the operator wants this same set of behaviors, rules and settings to be replicated into another zone or into a newly created zone, then (under illustrated embodiments) the operator is able to directly copy all zone based settings using a simple copy/paste function available through the user interface.

The system offers a number of advantages over prior methods. For instance, the system completely eliminates any need for the operator to know the lower level device detail of each zone and instead provides the operator with a system wherein device detail is abstracted in a way that is flexibly implemented across adjacent zones. The allows an operator to make changes very quickly and efficiently. Since the system internally takes care of correlating layouts among zones, human errors are prevented.

In general, the system operates using the steps of a building information model (BIM) of a security system defining a three-dimensional floor plan of a secured area, the BIM receiving a graphical input from a user defining at least one subarea of the secured area, a user input of the security system receiving a selection of the at least one subarea of the secured area, the user input of the security system receiving a change in a parameter from the user of the security system, the parameter is used by a plurality of security devices within the at least one subarea and changing a corresponding parameter within each of the plurality of security devices to match the changed parameter.

Alternatively, the system includes a security system having a secured area, a building information model (BIM) of the security system that defines a three-dimensional floor plan of the secured area, a zone file that defines a plurality of zones within the secured area in accordance with a coordinate system of the BIM, a user input of the security system that receives a selection of the at least one zone of the plurality of zones within the secured area, the user input of the security system that receives a change in a parameter from the user of the security system, the parameter is used by a plurality of security devices within the selected zone and a processor that changes a corresponding parameter within each of the plurality of security devices to match the changed parameter.

In another embodiment, the system includes a security system having a secured area, a building information model (BIM) of the security system that defines a plurality of regions within the secured area, a first portion of a user input of the security system that receives a selection of the at least one region of the plurality of regions within the secured area, a second portion of the user input of the security system that receives a change in a parameter from the user of the security system, the parameter is used by a plurality of security devices within the selected zone and a parameter processor that changes a corresponding parameter within each of the plurality of security devices to match the changed parameter.

From the foregoing, it will be observed that numerous variations and modifications may be effected without departing from the spirit and scope hereof. It is to be understood that no limitation with respect to the specific apparatus illustrated herein is intended or should be inferred. It is, of course, intended to cover by the appended claims all such modifications as fall within the scope of the claims. 

The invention claimed is:
 1. A method comprising: a building information model (BIM) of a security system defining a three-dimensional floor plan of a secured area having a plurality of security devices detecting threats within the secured area, the plurality of security devices being divided into a plurality of classes based upon a respective function of each security device and wherein security cameras define at least one of the plurality of classes; the BIM receiving a graphical input from a user dividing the secured area into a plurality of subareas, the graphical input defining at least one subarea of the plurality of subareas within the secured area, the graphical input being a tracing of an outline of the at least one subarea using a cursor; a first user input of the security system receiving a selection of the one or more of the plurality of subareas of the secured area; a second user input of the security system receiving a selection of a class of the plurality of classes for the selected one or more subareas; a third user input of the security system receiving a change in a parameter of the selected class from the user of the security system, the parameter is one of a plurality of parameters used by the selected class of security devices within the one or more subareas, the plurality of parameters has a first set of parameters that are unique to the security devices of the selected class and a second set of parameters that are common to other classes of security devices, the common set of parameters including at least a time local to the security system and based upon Greenwich mean time; and changing a corresponding parameter within the security devices of the selected class within the selected one or more subareas to match the changed parameter.
 2. The method as in claim 1 further comprising selecting at least some of the plurality of devices based upon the selected class.
 3. The method as in claim 1 wherein the parameter further comprises an activation time.
 4. The method as in claim 1 wherein the parameter further comprises an identifier that defines at least one authorized user of the security system.
 5. The method as in claim 1 wherein the parameter further comprises an access condition.
 6. The method as in claim 1 further comprising replicating parameters configured in one subarea into other subareas.
 7. A system comprising: a security system having a secured area; a plurality of security devices detecting threats within the secured area, each of the plurality of security devices being classified into one of a plurality of classes based upon a function of the security device wherein one of the plurality of classes includes security cameras; a building information model (BIM) of the security system that defines a three-dimensional floor plan of the secured area; a zone file that defines a plurality of zones within the secured area in accordance with a coordinate system of the BIM and a received graphical input from a user dividing the secured area into the plurality of zones, the graphical input defining at least one zone of the plurality of zones of the secured area, the graphical input being a tracing of an outline of the at least one zone using a cursor; a first user input of the security system that receives a selection of the at least one zone of the plurality of zones within the secured area; a second user input of the security system that receives a selection of a class of the plurality of classes for the selected at least one zone; a third user input of the security system that receives a change in a parameter of the selected class from the user of the security system, the parameter is one of a plurality of parameters used by the selected class of security devices within the selected at least one zone, the plurality of parameters has a first set of parameters that are unique to the security devices of the selected class and a second set of parameters that are common to other classes of security devices, the common set of parameters including at least a time local to the security system and based upon Greenwich mean time; and a processor that changes a corresponding parameter within the security devices of the selected class within the at least one zone to match the changed parameter.
 8. The system as in claim 7 further comprising a user interface that receives a selection of at least some of the plurality of devices based upon the selected class.
 9. The system as in claim 7 wherein the parameter further comprises an activation time.
 10. The system as in claim 7 wherein the parameter further comprises an identifier that defines at least one authorized user of the security system.
 11. The system as in claim 7 wherein the parameter further comprises an access condition.
 12. The system as in claim 7 wherein the change in the parameter is defined by copying a set of rules from one zone and pasting the copied set of rules into another zone.
 13. A system comprising: a security system having a secured area; a plurality of security devices each detecting threats within the secured area, each of the plurality of security devices being discovered to one of a plurality of classes based upon a function of the security device; at least one of the plurality of classes being security cameras; a building information model (BIM) of the security system that defines a three-dimensional floor plan of the secured area and a plurality of regions within the secured area, the BIM receiving a graphical input from a user dividing the secured area into the plurality of regions, the graphical input defining at least one region of the plurality of regions within the secured area, the graphical input being a tracing of an outline of the at least one region using a cursor; a first user input of the security system that receives a selection of the at least one region of the plurality of regions within the secured area; a second user input that receives a selection of one of the plurality of classes for the selected at least one region; a third user input of the security system that receives a change in a parameter of the selected class from the user of the security system, the parameter is one of a plurality of parameters used by the selected class of security devices within the selected at least one region, the plurality of parameters has a first set of parameters that are unique to the security devices of the selected class and a second set of parameters that are common to other classes of security devices, the common set of parameters including at least a time local to the security system and based upon Greenwich mean time; and a parameter processor that changes a corresponding parameter within the security devices of the selected class within the at least one region to match the changed parameter.
 14. The system as in claim 13 further comprising a user interface that receives a selection of at least some of the plurality of devices based upon the selected class.
 15. The system as in claim 13 wherein the parameter further comprises an activation time.
 16. The system as in claim 13 wherein the parameter further comprises an identifier that defines at least one authorized user of the security system.
 17. The system as in claim 13 wherein the change in the parameter is defined by a processor that copies a set of rules from one region and pastes the copied set of rules into another region. 